Design Con 2015
Breaking News
Comments
Newest First | Oldest First | Threaded View
<<   <   Page 5 / 5
Susan Rambo
User Rank
Blogger
Re: Local access does make the difference
Susan Rambo   8/7/2013 10:19:30 PM
NO RATINGS
You are probably right. We are all in more danger from badly designed code in ECUs than we are yet from car hacking.

Bert22306
User Rank
CEO
Re: Local access does make the difference
Bert22306   8/7/2013 8:47:36 PM
NO RATINGS
In short, the focus has to be on brakes, steering, and to a lesser extent, throttle. Listing a lot of other stuff just adds noise to the discussion.

The question of what will be possible or not in the future isn't the issue. The future will have to be taken care of, in due course. The question at hand now is how vulnerable vehicles are, present tense, to remote hacking into the critical system (steering, brakes, throttle, not the stereo). It goes without saying that as new capabilities are added to cars, for safety, efficiency of operation, or convenience, new attack vectors will emerge that will need to be addressed. We need not assume right now that these eventual vulnerabilities will go unaddressed.

That's the way engineering of new things has always evolved, after all. You design something new, then you do your best to debug the new gadget before putting it on the market. Unless we're to believe that engineers are unable to discover vulnerabilities, and why that would be the case I don't know, then this network connectivity is just another new aspect to debug thoroughly. And yes, things are missed from time to time, and they have to be fixed quickly when this happens.

As to telematics hacking, that's not a major safety concern, unless you show that OnStar (or other) can incapacitate the brakes, steering, or throttle. Can it? It is probably possible to shut the car down remotely (anti-theft), but fortunately cars can stop passively, without incurring a huge risk. On the other hand, whether the hacker can determine your location, or whether your engine warning light is lit, is more of a privacy issue at best. AND, any car owner can incapacitate that OnStar system. Find the access panel, probably in the trunk, and disconnect it.

Susan Rambo
User Rank
Blogger
Re: Local access does make the difference
Susan Rambo   8/7/2013 8:06:50 PM
NO RATINGS
Only a matter of time, do you think? What happens when cars become just a "thing" -- an end node -- on the Internet of Things, as this newly formed US Consortium is working toward? I bet wireless remote hacking will be possible. Researchers from the CAESS Center for Embedded Automotive Systems  (the same UofW and UCSD group mentioned in article) say "we can call our car's cellular phone number to obtain full control over the car's telematics unit over an arbitrary distance."

Bert22306
User Rank
CEO
Local access does make the difference
Bert22306   8/7/2013 7:23:08 PM
NO RATINGS
Sorry, Junko, we've been over this already. Local connection to the OBD-II port makes all the difference. Unless you encrypt any content that can go into the OBD-II port, making it essentially useless for its intended purpose, it would be pretty hard to prevent "hacking" when the "hacker" is deliberately allowed to get inside.

This OBD-II port is meant for garages to use, e.g. for troubleshooting and emissions testing. They also have access to brakes, steering, and throttle, and every other system in that car, without needing wires to cause damage.

If you do encrypt that OBD-II port, and then you give garages the private key necessary to decrypt, so they can do their work, then we're back where we are now.

Having remote wireless access to the critical functions, such as brakes, throttle, and steering, through an unencrypted interface, is what has to be shown. If that's available, then that security hole needs to be plugged. But quite honestly, this stream of articles about hacking seems to obfuscate the attack vectors, by including a lot of extraneous information.

Show me where a remote wireless device can impair the function of throttle, brakes, or steering. Leave the rest out. Then we can see if there's a problem to be fixed.

<<   <   Page 5 / 5


Flash Poll
Top Comments of the Week
Like Us on Facebook
EE Times on Twitter
EE Times Twitter Feed

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
EE Life
Frankenstein's Fix, Teardowns, Sideshows, Design Contests, Reader Content & More
Max Maxfield

Book Review: Deadly Odds by Allen Wyler
Max Maxfield
11 comments
Generally speaking, when it comes to settling down with a good book, I tend to gravitate towards science fiction and science fantasy. Having said this, I do spend a lot of time reading ...

Martin Rowe

No 2014 Punkin Chunkin, What Will You Do?
Martin Rowe
1 Comment
American Thanksgiving is next week, and while some people watch (American) football all day, the real competition on TV has become Punkin Chunkin. But there will be no Punkin Chunkin on TV ...

Rich Quinnell

Making the Grade in Industrial Design
Rich Quinnell
14 comments
As every developer knows, there are the paper specifications for a product design, and then there are the real requirements. The paper specs are dry, bland, and rigidly numeric, making ...

Martin Rowe

Book Review: Controlling Radiated Emissions by Design
Martin Rowe
1 Comment
Controlling Radiated Emissions by Design, Third Edition, by Michel Mardiguian. Contributions by Donald L. Sweeney and Roger Swanberg. List price: $89.99 (e-book), $119 (hardcover).